I was searching for bug bounty programmes using Google dorks when I came across one by a company, let’s say, Example Inc. They had a relatively big scope and I thought I’d give that a try.
This is a write-up about a weird XSS vuln I found that made me think I was losing my mind.
I recently started taking my first shots at bug hunting, even though I have no previous experience in security apart from HTB, CTFs and learning in general. Nevertheless, I came across my first bug: an Open Redirection.
I enjoyed Lightweight, as it was kind of a different box from what I’ve come across, especially in the user part.